eSentire: Leveraging Ontario’s strengths to block global cyberthreats

The work day had barely started when an employee of a New York investment firm opened email sent by a hacker and inadvertently downloaded ransomware on to the company's system. If that wasn’t bad enough, a second download triggered an attempt to encrypt the firm's huge volumes of data. If that attack would prove to be successful, it would come with an ultimatum: – pay a ransom for your information or lose it all.

But the company had great reason to hope for (and expect) a positive outcome. As part of its cybersecurity program, it had hired Waterloo, Ontario-based eSentire Inc. to monitor, detect and respond to system and data breaches. Within 60 seconds of the attack, eSentire technology blocked the first ransomware occurrence, while an analyst at the company's security operations centre disconnected the network connection to the hacker and started investigating the second attack.

“What it’s all about is a set of capabilities to detect when your security or protective controls have been bypassed or breached,” says J. Paul Haynes, President and Chief Operating Officer of eSentire. “Our measure of success is preventing business-altering breaches.”

If the best way to fund a business is through customer acquisition, eSentire’s 97 per cent customer retention rate is part of their recipe for success. But what’s the secret ingredient? “Trust,” says Haynes. “We are an extension of their organization. We can start making decisions as though we are their own IT staff, and we demonstrate that within days of onboarding the customer.”

A game-changing approach: Full threat visibility and immediate response

eSentire is a part of Ontario's fast-growing group of cybersecurity companies – a hub of innovation that's gaining recognition for advanced solutions to today's complex data protection challenges. eSentire's Managed Detection and Response provides an approach to data protection has been game-changing, says Haynes.

By combining human insight and machine learning, this global cybersecurity leader detects and responds to known and unknown threats by understanding how attackers think. Where other cybersecurity companies might simply rely on tools such as firewalls and anti-virus programs to detect and block hackers, eSentire takes proprietary, leading-edge detection and prevention technology and combines it with live security analysts who swoop in during critical times to assess and resolve attacks. This approach has earned eSentire a great deal of respect in the industry – and added hundreds of companies to its client roster.

But what makes eSentire even more unique is the speed in which they are able to intervene on behalf of their clients. Within 35 seconds of detecting a threat, analysts (known at eSentire as threat hunters) will begin investigating an incident. If it is determined to be a legitimate threat to their client’s business, eSentire’s analysts step in to contain and remediate the threat in a matter of minutes. This monitoring occurs 24 hours a day, 7 days a week, 365 days of the year, so organizations don’t need to worry about not having someone in the office to stop a threat.

“The speed at which hackers are moving in networks now is like nothing we’ve ever seen,” says Haynes. “In the old days of cybersecurity, if someone got in, they would be knocking around there for weeks or months before they actually could finish what they were up to. Today, 50 per cent of all threats are completed within 15 hours.”

While most companies have some form of an intrusion detection system, eSentire sees threats other technologies miss and provides a layer of added protection, and peace of mind. As soon as the company’s protective controls have been bypassed or breached, eSentire’s “threat hunters” infiltrate the compromised zones, work fast to contain the threat and minimize its dwell time in the system. With one of the most advanced training programs in the industry, eSentire’s threat hunters are essentially like a cyber S.W.A.T. team, ready to be deployed at a moment’s notice.

Why an Ontario footprint is good for business

Since its foundation in 2001, eSentire has built its reputation by always being there to protect high-risk assets from advanced cyber threats that technology alone can miss. But with clients around the globe, being a Canadian firm offers its own appeal.

Like most technology companies, an ongoing challenge is finding people with the right skills. Based of out of a new headquarters in Waterloo, Haynes relishes his company’s proximity to high-quality talent.

Collaborating with universities on cybersecurity curriculums

The company values its tech talent pool so much that it created a scholarship at the University of Guelph for the recently announced Masters in Cybersecurity program and created an annual $5,000 scholarship for female cybersecurity students accepted to the program. Additionally, to help ensure a steady stream of graduates with up-to-date skills and knowledge, eSentire works closely with six Ontario colleges, providing guidance on cybersecurity curriculum programming, says Haynes.

While access to top talent is important, there’s an even bigger Canadian-specific draw for some of eSentire’s international clients. “Our privacy regime is really second to none,” says Haynes. “Our customers in the U.S., which is our largest market, know this, and they like our high privacy standards here.” As other countries grapple with their own rules around privacy and cybersecurity, many are looking to Ontario as a best-practice case study.

Haynes says, Ontario is well positioned to be a leading cybersecurity hub.

Poised for growth and greatness

To keep up with its own rapid growth and bolster its offerings, eSentire acquired cybersecurity AI leader Versive in October 2018.

The acquisition of Versive provides eSentire with access to a technology platform that could detect insider threats typically associated with nation state level activities. “It solves a more complex problem that customers from certain markets face,” explains Haynes.

As cyber attacks and identity fraud remain a growing threat to companies and consumers, eSentire continues to expand in North America and on a global scale. The company has moved beyond the financial industry and into other sectors such as legal, information technology, healthcare, manufacturing, and construction.

“Healthcare is a big focus for us right now,” says Haynes. “It is grossly underserved partly because the system does not favour investments in technology for efficiency.”

Cybersecurity can be a matter of life and death

Hospitals are a target of certain strains of ransomware, yet technology investments often go to new diagnostic equipment over network security. “For example, what if the computer that runs the MRI suddenly stops operating and you can’t get to the patient records, or you can’t do a diagnostic which is needed for somebody who is going into surgery.” Haynes emphasizes just how quickly these hospitals move to life or death situations when they experience cybersecurity problems.

All Access Pass: airports, highways, transit

Toronto's transportation infrastructure has also been critical in making it easier for eSentire to build and grow its business, says Haynes. The company's head office in Waterloo, Ontario is only about an hour's drive from Toronto Pearson International Airport. Travel within the region is eased by a network of large highways and a regional train and bus transit system.

"Access to the Toronto airport is especially important because it gets us to many places on a direct flight," says Haynes. "As you build a firm that's export-oriented you're in a lot of planes to meet customers, so proximity to the airport is an advantage for us."

All that Ontario has to offer is good for eSentire, says Haynes.

"Revenue-wise, we expect to grow at 60 per cent a year over the next five years, and our goal is to become a $300M company within this timeframe," he says. "The company owes its success to starting and growing here in Ontario."